Irish court orders probe into Facebook privacy case

"The commissioner is obliged now to investigate the complaint … and I've absolutely no doubt that she will proceed to do so", said Ireland's high court judge, Gerard Hogan.

Facebook has its international headquarters in Dublin.

Ireland's data protection commissioner had initially opposed the probe because the social media giant is covered by a so-called Safe Harbour agreement between the US and the EU.

Safe Harbour is an executive decision by the European Commission, which determined in 2000 that the US provides an adequate level of protection of EU nationals' data.

Several thousand other US-based companies, including Google and Apple, are also listed in the self-certification scheme.

But the European Court of Justice earlier this month declared the agreement invalid following a legal battle by Austrian privacy campaigner Max Schrems.

Schrems had argued that Facebook could not protect his data because the US National Security Agency (NSA) uses covert software to hoover it up, according to revelations from whistleblower Edward Snowden.

Schrems also remains sceptical that Ireland's data protection commissioner, Helen Dixon, will pursue the investigation with any zeal.

"Given my experience, I doubt that what is today mainly a 'tech business protection authority' will wake up tomorrow and turn into real 'data protection authority' - but I guess we'll see soon", he said.

But Dixon, in a statement on Tuesday, said she would comply with judge Hogan's ruling.

"My office will now proceed to investigate the substance of the complaint with all due diligence", she said.

The move signals the start of the first investigation by a European data authority into how the NSA accessed personal data of EU nationals held by a US company.

The European Commission had also highlighted access concerns.

In a 2013 review on Safe Harbour, the Commission said that US authorities may have accessed transferred personal data and processed it in ways that was "beyond what was strictly necessary and proportionate to the protection of national security".

Facebook, for its part, denies giving the US spy agency any back-door access to its data servers.

"Facebook is not and has never been part of any program to give the US government direct access to our servers", said a spokesperson.

The company said it would "respond to enquiries from the Irish Data Protection Commission as they examine the protections for the transfer of personal data under applicable law".

Facebook can still transfer data from Europe to the United States despite an invalidated Safe Harbour.

The company, along with others under the agreement, is using other legal structures to transfer the information.

But some legal experts say the alternative transfer methods, including so-called model contract clauses, will not offer much protection either.